FDA Says Stop Using These IV Drips – You Could Be Hacked

The Food and Drug Administration is responsible for checking and maintaining people’s safety in regards to (surprise surprise) the food and drugs they are given. This time they’ve had to go a step further and “encourage” hospitals to replace a piece of tech from their supply lists and floors before it gets hacked.

Hospira’s Symbiq Infusion System (pictured in the centre above) is being recommended for immediate removal from hospitals all over due to a vulnerability in its ability to be controlled remotely. A third party can gain access to the device and control the dosages remotely which are then administrated by computerised pumps.

This discovery was made by the FDA and the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT for short). First reported on July 21st with a further alert made by the FDA on the 31st July. While they are open to being hacking, there has yet to be a reported instance of it happening.

The hack is done by connecting to the hospital network, allowing Symbiq systems to be remotely controlled. While the unit isn’t sold anymore by Hospira, it is still available from several third-party sellers.

This is the first adventure for the FDA in regards to discussing cybersecurity and the technology that is used to regulate and control food and medicine.